Categorizing Network Attacks Using Pattern Classification Algorithms

Abstract

Information systems are often inundated with thousands of attack alerts to distinguish novice hacker probes from genuine threats. Pattern classification can help filter relatively benign attacks from alerts generated by anomaly detectors, limiting the number of alerts requiring attention. This research investigates the feasibility of using pattern classification algorithms on network packet header information to classify network attacks. Both linear discrimination and radial basis function algorithms are trained using flood and scan attacks. The classifiers are then tested with unknown floods and scans to determine how well they categorize previously unseen attacks.

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2002
Accession Number
ADA415160

Entities

People

  • George E. Noel III

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force
  • Application Protocols
  • Change Detection
  • Computer Networks
  • Computers
  • Cybersecurity
  • Denial Of Service Attack
  • Detection
  • Detectors
  • Electronic Mail
  • Information Systems
  • Intrusion Detectors
  • Machine Learning
  • Network Protocols
  • Network Science
  • Operating Systems
  • Transport Protocols

Fields of Study

  • Computer science

Readers

  • Critical Infrastructure Protection in CBRN and WMD Threats.
  • Oncology and Biomarker-Based Cancer Detection.
  • Systems Analysis and Design